Main Vulnerability Database SB2012072401

SB2012072401 - Insecure DLL loading in SIMATIC STEP 7 and PCS 7

Published: July 24, 2012

Security Bulletin ID SB2012072401

Severity

Critical

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) DDL hijacking (CVE-ID: CVE-2012-3015)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insecure DDL loading mechanism when processing STEP 7 files in SIMATIC STEP 7 and SIMATIC PCS 7 software. A remote attacker can trick the victim into opening a SETP 7 file from a remote SMB or WebDAV share, which hosts malicious .dll file, and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Note: the vulnerability has been exploited in the wild by Stuxnet malware in 2010.

Remediation

Install update from vendor's website.

SB2012072401 - Insecure DLL loading in SIMATIC STEP 7 and PCS 7

Breakdown by Severity

Description

Remediation

References